This is the accessible text file for GAO report number GAO-03-1150T
entitled 'Aviation Security: Progress Since September 11, 2001, and the
Challenges Ahead' which was released on September 09, 2003.
This text file was formatted by the U.S. General Accounting Office
(GAO) to be accessible to users with visual impairments, as part of a
longer term project to improve GAO products' accessibility. Every
attempt has been made to maintain the structural and data integrity of
the original printed product. Accessibility features, such as text
descriptions of tables, consecutively numbered footnotes placed at the
end of the file, and the text of agency comment letters, are provided
but may not exactly duplicate the presentation or format of the printed
version. The portable document format (PDF) file is an exact electronic
replica of the printed version. We welcome your feedback. Please E-mail
your comments regarding the contents or accessibility features of this
document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
On January 5, 2004, this document was revised to add various
footnote references missing in the text of the body of the document.
Testimony:
Before the Committee on Commerce, Science and Transportation, U.S.
Senate:
United States General Accounting Office:
GAO:
For Release on Delivery Expected at 9:30 a.m. EDT:
Tuesday September 9, 2003:
AVIATION SECURITY:
Progress Since September 11, 2001, and the Challenges Ahead:
Statement of Gerald L. Dillingham, Director, Civil Aviation Issues:
Aviation Security Progress and Challenges:
GAO-03-1150T:
GAO Highlights:
Highlights of GAO-03-1150T, a testimony before the Committee on
Commerce, Science and Transportation, U.S. Senate
Why GAO Did This Study:
In the 2 years since the terrorist attacks of September 11, 2001, the
security of our nationís civil aviation system has assumed renewed
urgency, and efforts to strengthen aviation security have received a
great deal of congressional attention. On November 19, 2001, the
Congress enacted the Aviation and Transportation Security Act (ATSA),
which created the Transportation Security Administration (TSA) within
the Department of Transportation (DOT) and defined its primary
responsibility as ensuring security in aviation as well as in other
modes of transportation. The Homeland Security Act, passed on November
25, 2002, transferred TSA to the new Department of Homeland Security,
which assumed overall responsibility for aviation security. GAO was
asked to describe the progress that has been made since September 11
to strengthen aviation security, the potential vulnerabilities that
remain, and the longer-term management and organizational challenges
to sustaining enhanced aviation security.
What GAO Found:
Since September 11, 2001, TSA has made considerable progress in
meeting congressional mandates designed to increase aviation security.
By the end of 2002, the agency had hired and deployed about 65,000
passenger and baggage screeners, federal air marshals, and others, and
it was using explosives detection equipment to screen about 90 percent
of all checked baggage. TSA is also initiating or developing efforts
that focus on the use of technology and information to advance
security. One effort under development, the next-generation Computer-
Assisted Passenger Prescreening System (CAPPS II), would use national
security and commercial databases to identify passengers who could
pose risks for additional screening. Concerns about privacy rights
will need to be addressed as this system moves toward implementation.
Although TSA has focused on ensuring that bombs and other threat items
are not carried onto planes by passengers or in their luggage,
vulnerabilities remain in air cargo, general aviation, and airport
perimeter security. Each year, an estimated 12.5 million tons of cargo
are transported on all-cargo and passenger planes, yet very little air
cargo is screened for explosives. We have previously recommended, and
the industry has suggested, that TSA use a risk-management approach to
set priorities as it works with the industry to determine the next
steps in strengthening aviation security.
TSA faces longer-term management and organizational challenges to
sustaining enhanced aviation security that include (1) developing and
implementing a comprehensive risk management approach, (2) paying for
increased aviation security needs and controlling costs, (3)
establishing effective coordination among the many entities involved
in aviation security, (4) strategically managing its workforce, and
(5) building a results-oriented culture within the new Department of
Homeland Security. TSA has begun to respond to recommendations we have
made addressing many of these challenges, and we have other studies in
progress.
What GAO Recommends:
In prior reports and testimonies, listed at the end of this statement,
GAO has made numerous recommendations to strengthen aviation security
and to improve the management of federal aviation security
organizations and functions.
www.gao.gov/cgi-bin/getrpt?GAO-03-1150T.
To view the full product, including the scope and methodology, click
on the link above. For more information, contact Gerald L. Dillingham,
Ph.D., at (202) 512-2834 or dillinghamg@gao.gov.
[End of section]
Mr. Chairman and Members of the Committee:
In the 2 years since the terrorist attacks of September 11, 2001, the
security of our nation's civil aviation system has assumed renewed
urgency, and efforts to strengthen aviation security have received a
great deal of congressional attention. On November 19, 2001, the
Congress enacted the Aviation and Transportation Security Act (ATSA),
which created the Transportation Security Administration (TSA) within
the Department of Transportation (DOT) and defined its primary
responsibility as ensuring security in aviation as well as in other
modes of transportation. The act set forth specific improvements to
aviation security for TSA to implement and established deadlines for
completing many of them. The Homeland Security Act, passed on November
25, 2002, transferred TSA to the new Department of Homeland Security,
which assumed overall responsibility for aviation security.
My testimony today addresses the (1) progress that has been made since
September 11 to strengthen aviation security, (2) potential
vulnerabilities that remain, and (3) longer-term management and
organizational challenges to sustaining enhanced aviation security. The
testimony is based on our prior work, our review of recent literature,
and discussions with aviation industry representatives and TSA.
In summary:
Since September 2001, TSA has made considerable progress in meeting
congressional mandates related to aviation security, thereby increasing
aviation security. For example, by the end of December 2002, the agency
had hired and deployed a workforce of about 65,000, including passenger
and baggage screeners and federal air marshals, and it was using
explosives detection equipment to screen about 90 percent of all
checked baggage. In addition, TSA has initiated several programs and
research and development efforts that focus on the use of technology
and information to advance security. For example, the agency is
developing the Transportation Workers Identification Card program to
provide a nationwide standard credential for airport workers that is
issued after a background check has been completed and biometric
indicators have been incorporated so that each worker can be positively
matched to his or her credential. TSA is also developing the next-
generation Computer Assisted Passenger Prescreening System (CAPPS II),
which would use national security and commercial databases to assess
the risk posed by passengers and identify some passengers for
additional screening before they board their flights. These uses of
technology and information--particularly CAPPS II--have raised some
concerns about privacy rights that will need to be addressed as these
programs move toward implementation.
Although TSA has focused much effort and funding on ensuring that bombs
and other threat items are not carried onto planes by passengers or in
their luggage, vulnerabilities remain in areas such as air cargo
security, general aviation security, and airport perimeter security.
For example, air cargo is vulnerable because very little of the
estimated 12.5 million tons transported each year on all-cargo and
passenger planes is physically screened for explosives. As a result, a
potential security risk is the introduction of explosive and incendiary
devices in cargo placed aboard aircraft. We have recommended in prior
work that TSA use a risk management approach to prioritize actions and
funding as it works with industry to determine the next steps in
strengthening air cargo security, and industry stakeholders have
suggested the application of such an approach to general aviation
security.
TSA faces longer-term management and organizational challenges to
sustaining enhanced aviation security that include (1) developing and
implementing a comprehensive risk management approach, (2) paying for
increased aviation security needs and controlling costs, (3)
establishing effective coordination among the many public and private
entities involved in aviation security, (4) strategically managing its
workforce and ensuring appropriate staffing levels, and (5) building a
results-oriented culture as it shifts its aviation security and other
functions to the Department of Homeland Security. We have issued
reports and made recommendations that address many of these challenges,
and some actions are under way. In addition, we have studies in
progress on some of these issues.
Background:
Before September 2001, we and others had demonstrated significant,
long-standing vulnerabilities in aviation security, some of which are
depicted in figure 1. These included weaknesses in screening passengers
and baggage, controlling access to secure areas at airports, and
protecting air traffic control computer systems and facilities. To
address these and other weaknesses, ATSA created the Transportation
Security Administration and established security requirements for the
new agency with mandated deadlines.
This page intentially left blank:
Figure 1: Aviation Security Focus Areas:
[See PDF for image]
[End of figure]
Civil Aviation Was Vulnerable before September 11, 2001:
Before September 2001, screeners, who were then hired by the airlines,
often failed to detect threat objects located on passengers or in their
carry-on luggage. Principal causes of screeners' performance problems
were rapid turnover and insufficient training. As we previously
reported, turnover rates exceeded 100 percent a year at most large
airports, leaving few skilled and experienced screeners, primarily
because of low wages, limited benefits, and repetitive, monotonous
work.[Footnote 1]
In addition, before September 2001, controls for limiting access to
secure areas of airports, including aircraft, did not always work as
intended. As we reported in May 2000, our special agents used
fictitious law enforcement badges and credentials to gain access to
secure areas, bypass security checkpoints at two airports, and walk
unescorted to aircraft departure gates.[Footnote 2] The agents, who had
been issued tickets and boarding passes, could have carried weapons,
explosives, or other dangerous objects onto aircraft. DOT's Inspector
General also documented numerous problems with airport access controls,
and in one series of tests, nearly 7 out of every 10 attempts by the
Inspector General's staff to gain access to secure areas were
successful. Upon entering the secure areas, the Inspector General's
staff boarded aircraft 117 times. The Inspector General further
reported that the majority of the aircraft boardings would not have
occurred if employees had taken the prescribed steps, such as making
sure doors closed behind them.
Our reviews also found that the security of the air traffic control
computer systems and of the facilities that house them had not been
ensured.[Footnote 3] The vulnerabilities we identified, such as not
ensuring that contractors who had access to the air traffic control
computer systems had undergone background checks, made the air traffic
control system susceptible to intrusion and malicious attacks. The air
traffic control computer systems provide information to air traffic
controllers and aircraft flight crews to help ensure the safe and
expeditious movement of aircraft. Failure to protect these systems and
their facilities could cause a nationwide disruption of air traffic or
even collisions and loss of life.
Over the years, we made numerous recommendations to the Federal
Aviation Administration (FAA), which, until ATSA's enactment, was
responsible for aviation security. These recommendations were designed
to improve screeners' performance, strengthen airport access controls,
and better protect air traffic control computer systems and facilities.
As of September 2001, FAA had implemented some of these recommendations
and was addressing others, but its progress was often slow. In
addition, many initiatives were not linked to specific deadlines,
making it difficult to monitor and oversee their implementation.
Legislation Transferred Most Aviation Security Responsibilities to TSA:
ATSA defined TSA's primary responsibility as ensuring security in all
modes of transportation. The act also shifted security-screening
responsibilities from the airlines to TSA and established a series of
requirements to strengthen aviation security, many of them with
mandated implementation deadlines. For example, the act required the
deployment of federal screeners at 429 commercial airports across the
nation by November 19, 2002, and the use of explosives detection
technology at these airports to screen every piece of checked baggage
for explosives not later than December 31, 2002. However, the Homeland
Security Act subsequently allowed TSA to grant waivers of up to 1 year
to airports that would not be able to meet the December deadline.
Some aviation security responsibilities remained with FAA. For example,
FAA is responsible for the security of its air traffic control and
other computer systems and of its air traffic control facilities. FAA
also administers the Airport Improvement Program (AIP) trust fund,
which is used to fund capital improvements to airports, including some
security enhancements, such as terminal modifications to accommodate
explosives detection equipment.
Since September 2001, Multiple Initiatives Have Increased Aviation
Security:
Over the past 2 years, TSA and FAA have taken major steps to increase
aviation security. TSA has implemented congressional mandates and
explored options for increasing the use of technology and information
to control access to secure areas of airports and to improve passenger
screening. FAA has focused its efforts on enhancing the security of the
nation's air traffic control systems and facilities. In ongoing work,
we are examining some of these efforts in more detail (see app. IV).
TSA Met Many Aviation Security Mandates but Encountered Some
Difficulties:
In its first year, TSA worked to establish its organization and focused
primarily on meeting the aviation security deadlines set forth in ATSA,
accomplishing a large number of tasks under a very ambitious schedule.
In January 2002, TSA had 13 employees--1 year later, the agency had
about 65,000 employees. TSA reported that it met over 30 deadlines
during 2002 to improve aviation security. (See app. I for the status of
mandates in ATSA.) For example, according to TSA, it:
* met the November 2002 deadline to deploy federal passenger screeners
at airports across the nation by hiring, training, and deploying over
40,000 individuals to screen passengers at 429 commercial airports (see
fig. 2);
* hired and deployed more than 20,000 individuals to screen all checked
baggage;
* has been using explosives detection systems or explosives trace
detection equipment to screen about 90 percent of all checked baggage
as of December 31, 2002;[Footnote 4]
* has been using alternative means such as canine teams, hand searches,
and passenger-bag matching to screen the remaining checked baggage;
* confiscated more than 4.8 million prohibited items (including
firearms, knives, and incendiary or flammable objects) from passengers;
and:
* has made substantial progress in expanding the Federal Air Marshal
Service.
In addition, according to FAA, U.S. and foreign airlines met the April
2003 deadline to harden cockpit doors on aircraft flying in the United
States.
Figure 2: Screening Passengers at a U.S. Commercial Airport:
[See PDF for image]
[End of figure]
Not unexpectedly, TSA experienced some difficulties in meeting these
deadlines and achieving these goals. For example, operational and
management control problems, cited later in this testimony, emerged
with the rapid expansion of the Federal Air Marshal Service, and TSA's
deployment of some explosives detection systems was delayed. As a
result, TSA had to grant waivers of up to a year (until Dec. 31, 2003)
to a few airports, authorizing them to use alternative means to screen
all checked baggage. Recently, airport representatives with whom we
spoke expressed concern that not all of these airports would meet the
new December 2003 deadline established in their waivers because,
according to the airport representatives, there has not been enough
time to produce, install, and integrate all of the systems required to
meet the deadline.
TSA Is Making Greater Use of Technology and Information to Enhance
Aviation Security:
To strengthen control over access to secure areas of airports and other
transportation facilities, TSA is pursuing initiatives that make
greater use of technology and information. For example, the agency is
investigating the establishment of a Transportation Workers
Identification Card (TWIC) program. TWIC is intended to establish a
uniform, nationwide standard for the secure identification of 12
million workers who require unescorted physical or cyber access to
secure areas at airports and other transportation facilities.
Specifically, TWIC will combine standard background checks and
biometrics so that a worker can be positively matched to his or her
credential. Once the program is fully operational, the TWIC card will
be the standard credential for airport workers and will be accepted by
all modes of transportation. According to TSA, developing a uniform,
nationwide standard for identification will minimize redundant
credentialing and background checks. Currently, each airport is
required, as part of its security program, to issue credentials to
workers who need access to secure, nonpublic areas, such as baggage
loading areas.[Footnote 5] Airport representatives have told us that
they think a number of operational issues need to be resolved for the
TWIC card to be feasible. For example, the TWIC card would have to be
compatible with the many types of card readers used at airports around
the country, or new card readers would have to be installed. At large
airports, this could entail replacing hundreds of card readers, and
airport representatives have expressed concerns about how this effort
would be funded. In April 2003, TSA awarded a contract to test and
evaluate various technologies at three pilot sites.
In addition, TSA has continued to develop the next-generation Computer
Assisted Passenger Prescreening System (CAPPS II)--an automated
passenger screening system that takes personal information, such as a
passenger's name, date of birth, home address, and home telephone
number, to confirm the passenger's identity and assess a risk level.
The identifying information will be run against national security
information and commercial databases, and a "risk" score will be
assigned to the passenger. The risk score will determine any further
screening that the passenger will undergo before boarding. TSA expects
to implement CAPPS II throughout the United States by the fall of 2004.
However, TSA's plans have raised concerns about travelers' privacy
rights. It has been suggested, for example, that TSA is violating
privacy laws by not explaining how the risk assessment data will be
scored and used and how a TSA decision can be appealed. These concerns
about the system will need to be addressed as it moves toward
implementation. In ongoing work, we are examining CAPPS II, including
how it will function, what safeguards will be put in place to protect
the traveling public's privacy, and how the system will affect the
traveling public in terms of costs, delays, and risks.
Additionally, TSA has begun to develop initiatives that could enable it
to use its passenger screening resources more efficiently. For example,
TSA has requested funding for fiscal year 2004 to begin developing a
registered traveler program that would prescreen low-risk travelers.
Under a registered traveler program, those who voluntarily apply to
participate in the program and successfully pass background checks
would receive a unique identifier or card that would enable them to be
screened more quickly and would promote greater focus on those
passengers who require more extensive screening at airport security
checkpoints. In prior work, we identified key policy and implementation
issues that would need to be resolved before a registered traveler
program could be implemented. Such issues include the (1) criteria that
should be established to determine eligibility to apply for the
program, (2) kinds of background checks that should be used to certify
applicants' eligibility to enroll in the program and the entity who
should perform these checks, (3) security-screening procedures that
registered travelers should undergo and the differences between these
procedures and those for unregistered travelers, and (4) concerns that
the traveling public or others may have about equity, privacy, and
liability.[Footnote 6]
FAA Is Strengthening Air Traffic Control Security:
Since September 2001, FAA has continued to strengthen the security of
the nation's air traffic control computer systems and facilities in
response to 39 recommendations we made between May 1998 and December
2000. For example, FAA has established an information systems security
management structure under its Chief Information Officer, whose office
has developed an information systems security strategy, security
architecture (that is, an overall blueprint), security policies and
directives, and a security awareness training campaign. This office has
also managed FAA's incident response center and implemented a
certification and accreditation process to ensure that vulnerabilities
in current and future air traffic control systems are identified and
weaknesses addressed. Nevertheless, the office faces continued
challenges in increasing its intrusion detection capabilities,
obtaining accreditation for systems that are already operational, and
managing information systems security throughout the agency. In
addition, according to senior security officials, FAA has completed
assessments of the physical security of its staffed facilities, but it
has not yet accredited all of these air traffic control facilities as
secure in compliance with its own policy. Finally, FAA has worked
aggressively over the past 2 years to complete background
investigations of numerous contractor employees. However, ensuring that
all new contractors are assessed to determine which employees require
background checks, and that those checks are completed in a timely
manner, will be a continuing challenge for the agency.
Potential Vulnerabilities Remain in Several Aviation Sectors:
Although TSA has focused much effort and funding on ensuring that bombs
and other threat items are not carried onto commercial aircraft by
passengers or in their luggage, vulnerabilities remain, according to
aviation experts, TSA officials, and others. In particular, these
vulnerabilities affect air cargo, general aviation, and airport
perimeter security. For information on legislative proposals that would
address these potential vulnerabilities and other aviation security
issues, see appendix II.
Air Cargo Security:
As we and DOT's Inspector General have reported, vulnerabilities exist
in securing the cargo carried aboard commercial passenger and all-cargo
aircraft. TSA has reported that an estimated 12.5 million tons of cargo
are transported each year--9.7 million tons on all-cargo planes and 2.8
million tons on passenger planes. Some potential security risks
associated with air cargo include the introduction of undetected
explosive and incendiary devices in cargo placed aboard aircraft; the
shipment of undeclared or undetected hazardous materials aboard
aircraft; and aircraft hijackings and sabotage by individuals with
access to cargo aircraft.[Footnote 7] To address some of the risks
associated with air cargo, ATSA requires that all cargo carried aboard
commercial passenger aircraft be screened and that TSA have a system in
place as soon as practicable to screen, inspect, or otherwise ensure
the security of cargo on all-cargo aircraft. In August 2003, the
Congressional Research Service reported that less than 5 percent of
cargo placed on passenger airplanes is physically screened. TSA's
primary approach to ensuring air cargo security and safety and to
complying with the cargo-screening requirement in the act is the "known
shipper" program--which allows shippers that have established business
histories with air carriers or freight forwarders[Footnote 8] to ship
cargo on planes. However, we and DOT's Inspector General have
identified weaknesses in the known shipper program and in TSA's
procedures for approving freight forwarders.[Footnote 9]
Since September 2001, TSA has taken a number of actions to enhance
cargo security, such as implementing a database of known shippers in
October 2002. The database is the first phase in developing a cargo-
profiling system similar to the Computer-Assisted Passenger
Prescreening System. However, in December 2002, we reported that
additional operational and technological measures, such as checking the
identity of individuals making cargo deliveries, have the potential to
improve air cargo security in the near term.[Footnote 10] We further
reported that TSA lacks a comprehensive plan with long-term goals and
performance targets for cargo security, time frames for completing
security improvements, and risk-based criteria for prioritizing actions
to achieve those goals. Accordingly, we recommended that TSA develop a
comprehensive plan for air cargo security that incorporates a risk
management approach, includes a list of security priorities, and sets
deadlines for completing actions. TSA agreed with this recommendation
and expects to develop such a plan by the fall of 2003. It will be
important that this plan include a timetable for implementation and
that TSA expeditiously reduce the vulnerabilities in this area.
General Aviation Security:
Since September 2001, TSA has taken limited action to improve general
aviation security, leaving it far more open and potentially vulnerable
than commercial aviation.[Footnote 11] General aviation is vulnerable
because general aviation pilots are not screened before takeoff and the
contents of general aviation planes are not screened at any point.
General aviation includes more than 200,000 privately owned airplanes,
which are located in every state at more than 19,000 airports. Over 550
of these airports also provide commercial service. In the last 5 years,
about 70 aircraft have been stolen from general aviation airports,
indicating a potential weakness that could be exploited by terrorists.
Moreover, it was reported that the September 11 hijackers researched
the use of crop dusters to spread biological or chemical agents.
General aviation's vulnerability was revealed in January 2002, when a
Florida teenage flight student crashed a single-engine Cessna airplane
into a Tampa skyscraper.
FAA has since issued a notice with voluntary guidance for flight
schools and businesses that provide services for aircraft and pilots at
general aviation airports. The suggestions include using different keys
to gain access to an aircraft and start the ignition, not giving
students access to aircraft keys, ensuring positive identification of
flight students, and training employees and pilots to report suspicious
activities. However, because the guidance is voluntary, it is unknown
how many general aviation airports have implemented these measures.
We reported in June 2003 that TSA was working with industry
stakeholders as part of TSA's Aviation Security Advisory Council to
close potential security gaps in general aviation.[Footnote 12]
According to our recent discussions with industry representatives,
however, the stakeholders have not been able to reach a consensus on
the actions needed to improve security in general aviation. General
aviation industry representatives, such as the Aircraft Owners and
Pilots Association and General Aviation Manufacturers Association, have
opposed any restrictions on operating general aviation aircraft and
believe that small planes do not pose a significant risk to the
country. Nonetheless, some industry representatives indicated that the
application of a risk management approach would be helpful in
determining the next steps in improving general aviation security. (We
discuss risk management in more detail later in this testimony.) To
identify these next steps, TSA chartered a working group on general
aviation within the existing Aviation Security Advisory Committee, and
this working group is scheduled to report to the full committee in the
fall of 2003. We have ongoing work that is examining general aviation
security in further detail.
Figure 3: General Aviation Aircraft and Airport:
[See PDF for image]
[End of figure]
Airport Perimeter Security:
Airport perimeters present a potential vulnerability by providing a
route for individuals to gain unauthorized access to aircraft and
secure areas of airports (see fig. 4). For example, in August 2003, the
national media reported that three boaters wandered the tarmac at
Kennedy International Airport after their boat became beached near a
runway. In addition, terrorists could launch an attack using a
shoulder-fired missile from the perimeter of an airport, as well as
from locations just outside the perimeter. For example, in separate
incidents in the late 1970s, guerrillas with shoulder-fired missiles
shot down two Air Rhodesia planes. More recently, the national media
have reported that since September 2001, al Qaeda has twice tried to
down planes outside the United States with shoulder-fired
missiles.[Footnote 13]
We reported in June 2003 that airport operators have increased their
patrols of airport perimeters since September 2001, but industry
officials stated that they do not have enough resources to completely
protect against missile attacks.[Footnote 14] A number of technologies
could be used to secure and monitor airport perimeters, including
barriers, motion sensors, and closed-circuit television. Airport
representatives have cautioned that as security enhancements are made
to airport perimeters, it will be important for TSA to coordinate with
FAA and the airport operators to ensure that any enhancements do not
pose safety risks for aircraft. We have separate ongoing work examining
the status of efforts to improve airport perimeter security and
assessing the nature and extent of the threat from shoulder-fired
missiles.
Figure 4: Airport Perimeter:
[See PDF for image]
[End of figure]
Aviation Security Poses Longer-Term Management and Organizational
Challenges:
TSA's efforts to strengthen and sustain aviation security face several
longer-term challenges in the areas of risk management, funding,
coordination, strategic human capital management, and building a
results-oriented organization.
Risk Management:
As aviation security is viewed in the larger context of transportation
and homeland security, it will be important to set strategic priorities
so that national resources can be directed to the greatest needs.
Although TSA initially focused on increasing aviation security, it has
more recently begun to address security in the other transportation
modes. However, the size and diversity of the national transportation
system make it difficult to adequately secure, and TSA and the Congress
are faced with demands for additional federal funding for
transportation security that far exceed the additional amounts made
available. We have advocated the use of a risk management approach to
guide federal programs and responses to better prepare for and
withstand terrorist threats, and we have recommended that TSA use this
approach to strengthen security in aviation as well as in other
transportation modes.[Footnote 15] A risk management approach is a
systematic process to analyze threats, vulnerabilities, and the
criticality (or relative importance) of assets to better support key
decisions linking resources with prioritized efforts for results.
Comprehensive risk-based assessments support effective planning and
resource allocation. Figure 5 describes this approach.
Figure 5: Elements of a Risk Management Approach:
[See PDF for image]
[End of figure]
TSA agreed with our recommendation and has adopted a risk management
approach in attempting to enhance security across all transportation
modes. TSA's Office of Threat Assessment and Risk Management is
developing two assessment tools that will help assess criticality,
threats, and vulnerabilities. The first tool, which assesses
criticality, will arrive at a criticality score for a facility or
transportation asset by incorporating factors such as the number of
fatalities that could occur during an attack and the economic and
sociopolitical importance of the facility or asset. This score will
enable TSA, in conjunction with transportation stakeholders, to rank
facilities and assets within each mode and thus focus resources on
those that are deemed most important. TSA is working with another
Department of Homeland Security office--the Information Analysis and
Infrastructure Protection Directorate--to ensure that the criticality
tool will be consistent with the Department's overall approach for
managing critical infrastructure.
The second tool--the Transportation Risk Assessment and Vulnerability
Evaluation tool (TRAVEL)--will assess threats and analyze
vulnerabilities for all transportation modes. The tool produces a
relative risk score for potential attacks against a transportation
asset or facility. In addition, TRAVEL will include a cost-benefit
component that compares the cost of implementing a given countermeasure
with the reduction in relative risk due to that countermeasure. We
reported in June 2003 that TSA plans to use this tool to gather
comparable threat and vulnerability information across all
transportation modes. It is important for TSA to complete the
development of the two tools and use them to prepare action plans for
specific modes, such as aviation, and for transportation security
generally.
Funding:
Two key funding and accountability challenges will be (1) paying for
increased aviation security and (2) ensuring that these costs are
controlled. The costs associated with the equipment and personnel
needed to screen passengers and their baggage alone are huge. The
administration requested $4.2 billion for aviation security for fiscal
year 2004, which included about $1.8 billion for passenger screening
and $944 million for baggage screening.[Footnote 16] ATSA created a
passenger security fee to pay for the costs of aviation security, but
the fee has not generated enough money to do so. DOT's Inspector
General reported that the security fees are estimated to generate only
about $1.7 billion in fiscal year 2004.[Footnote 17]
A major funding issue is paying for the purchase and installation of
the remaining explosives detection systems for the airports that
received waivers, as well as for the reinstallation of the systems that
were placed in airport lobbies last year and now need to be integrated
into airport baggage-handling systems. Integrating the equipment with
the baggage-handling systems is expected to be costly because it will
require major facility modifications. For example, modifications needed
to integrate the equipment at Boston's Logan International Airport are
estimated to cost $146 million. Estimates for Dallas/Fort Worth
International Airport are $193 million. DOT's Inspector General has
reported that the cost of integrating the equipment nationwide could be
as high as $3 billion.
A key question is how to pay for these installation costs. Funds from
FAA's AIP grants and passenger facility charges are eligible sources
for funding this work.[Footnote 18] In fiscal year 2002, AIP grant
funds totaling $561 million were used for terminal modifications to
enhance security. However, using these funds for security reduced the
funding available for other airport development projects, such as
projects to bring airports up to federal design standards and
reconstruction projects. In February 2003, we identified letters of
intent[Footnote 19] as a funding option that has been successfully used
to leverage private sources of funding.[Footnote 20] TSA has since
signed letters of intent with three airports--Boston Logan, Dallas-Fort
Worth, and Seattle-Tacoma International Airports. Under the agreements,
TSA will pay 75 percent of the cost of integrating the explosives
detection equipment into the baggage-handling systems. The payments
will stretch out over 3 to 4 years. Airport representatives said that
about 30 more airports have requested similar agreements. The slow pace
of TSA's approval process has raised concerns about delays in
reinstalling and integrating explosives detection equipment with
baggage-handling systems--delays that will require more labor-
intensive and less efficient baggage screening by other approved means.
To provide financial assistance to airports for security-related
capital investments, such as the installation of explosives detection
equipment, proposed aviation reauthorization legislation[Footnote 21]
would establish an aviation security capital fund that would authorize
$2 billion over the next 4 years. The funding would be made available
to airports in letters of intent, and large-and medium-hub airports
would be expected to provide a match of 10 percent of a project's
costs. A 5 percent match would be required for all other airports. This
legislation would provide a dedicated source of funding for security-
related capital investments and could minimize the need to use AIP
funds for security.
An additional funding issue is how to ensure continued investment in
transportation research and development. For fiscal year 2003, TSA was
appropriated about $110 million for research and development, of which
$75 million was designated for the next-generation explosives detection
systems. However, TSA has proposed to reprogram $61.2 million of these
funds to be used for other purposes, leaving about $12.7 million to be
spent on research and development this year. This proposed
reprogramming could limit TSA's ability to sustain and strengthen
aviation security by continuing to invest in research and development
for more effective equipment to screen passengers, their carry-on and
checked baggage, and cargo. In ongoing work, we are examining the
nature and scope of research and development work by TSA and the
Department of Homeland Security, including their strategy for
accelerating the development of transportation security technologies.
By reprogramming funds and making acknowledged use of certain funds for
purposes other than those intended, TSA has raised congressional
concerns about accountability. According to TSA, it has proposed to
reprogram a total of $849.3 million during fiscal year 2003, including
the $61.2 million that would be cut from research and development and
$104 million that would be taken from the federal air marshal program
and used for unintended purposes. Because of these congressional
concerns, we were asked to investigate TSA's process for reprogramming
funds for the air marshal program and to assess the implications of the
proposed funding reductions in areas such as the numbers of hours flown
and flights taken. We have ongoing work to address these issues. To
ensure appropriate oversight and accountability, it is important that
TSA maintain clear and transparent communication with the Congress and
industry stakeholders about the use of its funds.
In July 2002, we reported that long-term attention to cost and
accountability controls for acquisition and related business processes
will be critical for TSA, both to ensure its success and to maintain
its integrity and accountability.[Footnote 22] According to DOT's
Inspector General, although TSA has made progress in addressing certain
cost-related issues, it has not established an infrastructure that
provides effective controls to monitor contractors' costs and
performance.[Footnote 23] For example, in February 2003, the Inspector
General reported that TSA's $1 billion hiring effort cost more than
most people expected and that TSA's contract with NCS Pearson to
recruit, assess, and hire the screener workforce contained no
safeguards to prevent cost increases. The Inspector General found that
TSA provided limited oversight for the management of the contract
expenses and, in one case, between $6 million and $9 million of the $18
million paid to a subcontractor appeared to be a result of wasteful and
abusive spending practices.[Footnote 24] As the Inspector General
recommended, TSA has since hired the Defense Contract Audit Agency to
audit its major contracts. To ensure control over TSA contracts, the
Inspector General has further recommended that the Congress set aside a
specific amount of TSA's contracting budget for overseeing contractors'
performance with respect to cost, schedule, and quality.[Footnote 25]
Coordination:
Sustaining the aviation security advancements of the past 2 years also
depends on TSA's ability to form effective partnerships with federal,
state, and local agencies and with the aviation community. Effective,
well-coordinated partnerships at the local level require identifying
roles and responsibilities; developing effective, collaborative
relationships with local and regional airports and emergency management
and law enforcement agencies; agreeing on performance-based standards
that describe desired outcomes; and sharing intelligence information.
The lynchpin in TSA's efforts to coordinate with airports and local law
enforcement and emergency response agencies is, according to the
agency, the 158 federal security directors and staff that TSA has
deployed nationwide. The security directors' responsibilities include
ensuring that standardized security procedures are implemented at the
nation's airports; working with state and local law enforcement
personnel, when appropriate, to ensure airport and passenger security;
and communicating threat information to airport operators and others.
Airport representatives, however, have indicated that the relationships
between federal security directors and airport operators are still
evolving and that better communication is needed at some airports.
Key to improving the coordination between TSA and local partners is
establishing clearly defined roles. In some cases, concerns have arisen
about conflicts between the roles of TSA, as the manager of security
functions at airports, and of airport officials, as the managers of
other airport operations. Industry representatives viewed such
conflicts as leading to confusion in areas such as communicating with
local entities. According to airport representatives, for example, TSA
has developed guidance or rules for airports without involving them,
and time-consuming changes have then had to be made to accommodate
operational factors. The representatives maintain that it would be more
efficient and effective to consider such operational factors earlier in
the process. Ultimately, inadequate coordination and unclear roles
result in inefficient uses of limited resources.
TSA also has to ensure that the terrorist and threat information
gathered and maintained by law enforcement and other agencies--
including the Federal Bureau of Investigation, the Immigration and
Naturalization Service, the Central Intelligence Agency, and the
Department of State--is quickly and efficiently communicated among
federal agencies and to state and local authorities, as needed.
Disseminating such information is important to allow those who are
involved in protecting the nation's aviation system to address
potential threats rather than simply react to known threats.
In aviation security, timely information sharing among agencies has
been hampered by the agencies' reluctance to share sensitive
information and by outdated, incompatible computer systems. As we found
in reviewing 12 watch lists maintained by nine federal agencies,
information was being shared among some of them but not among others.
Moreover, even when sharing was occurring, costly and overly complex
measures had to be taken to facilitate it.[Footnote 26] To promote
better integration and sharing of terrorist and criminal watch lists,
we have recommended that the Department of Homeland Security, in
collaboration with the other departments and agencies that have and use
watch lists, lead an effort to consolidate and standardize the federal
government's watch list structures and policies.[Footnote 27]
In addition, as we found earlier this year, representatives of numerous
state and local governments and transportation industry associations
indicated that the general threat warnings received by government
agencies are not helpful. Rather, they said, transportation operators,
including airport operators, want more specific intelligence
information so that they can understand the true nature of a potential
threat and implement appropriate security measures.[Footnote 28]
Strategic Human Capital Management:
As it organizes itself to protect the nation's transportation system,
TSA faces the challenge of strategically managing its workforce of more
than 60,000 people, most of whom are deployed at airports or on
aircraft to detect weapons and explosives and to prevent them from
being taken aboard and used on aircraft. Additionally, over the next
several years, TSA faces the challenge of "right-sizing" this workforce
as efficiency is improved with new security-enhancing technologies,
processes, and procedures. For example, as explosives detection systems
are integrated with baggage-handling systems, the use of more labor-
intensive screening methods, such as trace detection techniques and
manual searches of baggage, can be reduced. Other planned security
enhancements, such as CAPPS II and the registered traveler program,
also have the potential to make screening more efficient.
To assist agencies in managing their human capital more strategically,
we have developed a model that identifies cornerstones and related
critical success factors that agencies should apply and steps they can
take.[Footnote 29] Our model is designed to help agency leaders
effectively lead and manage their people and integrate human capital
considerations into daily decision-making and the program results they
seek to achieve.
In January 2003, we reported that TSA was addressing some critical
human capital success factors by hiring personnel, using a wide range
of tools available for hiring, and beginning to link individual
performance to organizational goals.[Footnote 30] However, concerns
remain about the size and training of that workforce, the adequacy of
the initial background checks for screeners, and TSA's progress in
setting up a performance management system. As noted earlier in this
testimony, TSA now plans to reduce its screener workforce by 6,000 by
September 30, 2003, and it has proposed cutting the workforce by an
additional 3,000 in fiscal year 2004. This planned reduction has raised
concerns about passenger delays at airports and has led TSA to begin
hiring part-time screeners to make more flexible and efficient use of
its workforce. In addition, TSA used an abbreviated background check
process to hire and deploy enough screeners to meet ATSA's screening
deadlines in 2002. After obtaining additional background information,
TSA terminated the employment of some of these screeners. TSA reported
1,208 terminations as of May 31, 2003, that it ascribed to a variety of
reasons, including criminal offenses and failures to pass alcohol and
drug tests. Furthermore, the national media have reported allegations
of operational and management control problems that emerged with the
expansion of the Federal Air Marshal Service, including inadequate
background checks and training, uneven scheduling, and inadequate
policies and procedures. In ongoing work, we are examining the
effectiveness of TSA's efforts to train, equip, and supervise passenger
screeners, and we are assessing the effects of expansion on the Federal
Air Marshal Service. In addition, we reported in January 2003 that TSA
had taken the initial steps in establishing a performance management
system linked to organizational goals. Such a system will be critical
for TSA to motivate and manage staff, ensure the quality of screeners'
performance, and, ultimately, restore public confidence in air travel.
Building a Results-Oriented Organization:
For TSA to sustain enhanced aviation security over the long term, it
will be important for the agency to continue to build a results-
oriented culture within the new Department of Homeland Security. To
help federal agencies successfully transform their cultures, as well as
the new Department of Homeland Security merge its various components
into a unified department, we identified key practices that have
consistently been found at the center of successful mergers,
acquisitions, and transformations.[Footnote 31] These key practices,
together with implementation strategies such as establishing a coherent
mission and integrated strategic goals to guide the transformation, can
help agencies become more results oriented, customer focused, and
collaborative. (See app. III.) These practices are particularly
important for the Department of Homeland Security, whose implementation
and transformation we have designated as high risk.[Footnote 32]
The Congress required TSA to adopt a results-oriented strategic
planning and reporting framework and, specifically, to provide an
action plan with goals and milestones to outline how acceptable levels
of performance for aviation security would be achieved. In prior work,
we reported that TSA has taken the first steps in performance planning
and reporting by defining its mission, vision, and values and that this
practice would continue to be important when TSA moved into the
Department of Homeland Security.[Footnote 33] Therefore, we recommended
that TSA take the next steps to implement results-oriented practices.
These steps included establishing performance goals and measures for
all modes of transportation as part of a strategic planning process
that involves stakeholders, defining more clearly the roles and
responsibilities of its various offices in collaborating and
communicating with stakeholders; and formalizing the roles and
responsibilities of governmental entities for transportation security.
Table 1 shows selected ATSA requirements, TSA's actions and plans, and
the next steps we recommended. TSA agreed with our recommendations.
Table 1: Requirements, Actions and Plans, and Recommended Next Steps
for Results-Oriented Practices:
ATSA requirements: Leadership commitment to creating a high-performing
organization: * Requires performance agreement between the Secretary of
DOT and the Under Secretary of Transportation for Security and between
the Under Secretary and TSA executives; TSA actions and plans:
Leadership commitment to creating a high-performing organization: *
Stated leadership commitment to creating a results-oriented culture in
its 180-day action plan; * Expressed plans to use the Baldrige
performance excellence criteria as a management tool to promote quality
and performance; * Established standardized performance agreements for
TSA executives; Next steps: Leadership commitment to creating a high-
performing organization: * Establish a performance agreement for the
Under Secretary of Transportation for Security that articulates how
bonuses will be tied to performance; * Add expectations in performance
agreements for top leadership to foster the culture of a high-
performing organization.
ATSA requirements: Leadership commitment to creating a high-performing
organization: * Requires a 5-year performance plan and annual
performance report consistent with the principles of the Government
Performance and Results Act; TSA actions and plans: Leadership
commitment to creating a high-performing organization: * Articulated
vision, mission, values, strategic goal, and performance goals and
measures; * Developed automated system to collect performance data to
demonstrate progress in meeting goals; * Aligned aviation security
performance goals and measures with DOT goals; * Reported it submitted
first annual performance report; Next steps: Leadership commitment to
creating a high-performing organization: * Establish security
performance goals and measures for all modes of transportation as part
of a strategic planning process that involves stakeholders; * Apply
practices that have been shown to provide useful information in agency
performance plans.
ATSA requirements: Leadership commitment to creating a high-performing
organization: * Requires a performance management system; * Requires
performance agreements for all employees that include organizational
and individual goals; TSA actions and plans: Leadership commitment to
creating a high-performing organization: * Established an interim
performance management system; * Created standardized performance
agreements for groups of employees that include organizational and
individual goals and standards of performance; Next steps: Leadership
commitment to creating a high-performing organization: * Build on the
current performance agreements to achieve additional benefits; *
Ensure the permanent performance management system makes meaningful
distinctions in performance; * Involve employees in developing its
permanent performance management system.
ATSA requirements: Leadership commitment to creating a high-performing
organization: * Requires TSA to work within and outside the government
to accomplish its mission; * Establishes a Transportation Security
Oversight Board to facilitate collaboration and communication; TSA
actions and plans: Leadership commitment to creating a high-performing
organization: * Established Offices of Security Regulation and Policy,
Communications and Public Information, Law Enforcement and Security
Liaison, and Legislative Affairs to collaborate and communicate with
stakeholders; * Convened the Oversight Board, which has met twice; *
Stated plans to use memorandums of understanding and memorandums of
agreement to formalize roles and responsibilities of TSA and other
agencies in transportation security; Next steps: Leadership commitment
to creating a high-performing organization: * Define more clearly the
collaboration and communication roles and responsibilities of TSA's
various offices; * Formalize roles and responsibilities among
governmental entities for transportation security.
ATSA requirements: Leadership commitment to creating a high-performing
organization: * Requires a 180-day action plan and two progress reports
within 6 months of enactment; TSA actions and plans: Leadership
commitment to creating a high-performing organization: * Submitted 180-
day action plan and both progress reports within established time
frames; * Maintains a Web site to provide information to the public;
* Created ombudsman position to serve customers; * Developed measures
to track customer satisfaction; * Reviewed and eliminated security
procedures that do not enhance security or customer service; * Stated
plans to develop a customer satisfaction index to analyze customer
opinions to improve performance; Next steps: Leadership commitment to
creating a high-performing organization: * Fill the ombudsman position
to facilitate responsiveness of TSA to the public; * Continue to
develop and implement mechanisms, such as the CSI, to gauge customer
satisfaction and improve customer service.
Source: GAO.
[End of table]
Concluding Observations:
After spending billions of dollars over the past 2 years on people,
policies, and procedures to improve aviation security, we have much
more security now than we had before September 2001, but it has not
been determined how much more secure we are. The vast number of guns,
knives, and other potential threat items that screeners have
confiscated suggests that security is working, but it also suggests
that improved public awareness of prohibited items could help focus
resources where they are most needed and reduce delays and
inconvenience to the public. Faced with vast and competing demands for
security resources, TSA should continue its efforts to identify
technologies, such as CAPPS II, that will leverage its resources and
potentially improve its capabilities. Improving the efficiency and
effectiveness of aviation security will also require risk assessments
and plans that help maintain a balance between security and customer
service.
Mr. Chairman, this concludes my statement. I would be pleased to answer
any questions that you or other members of the Committee may have.
Contact Information:
For further information on this testimony, please contact Gerald L.
Dillingham at (202) 512-2834. Individuals making key contributions to
this testimony include Elizabeth Eisenstadt, David Hooper, Jennifer
Kim, Heather Krause, Maren McAvoy, John W. Shumann, and Teresa Spisak.
[End of section]
Appendix I: Selected s in the Aviation and Transportation
Security Act and Their Status:
Table 2:
Deadline: Nov. 19, 2001;
Provisions[A]: Require new background checks
for those who have access to secure areas of the airport; Status:
Completed.
Provisions[A]: Dec. 19, 2001: Institute a 45-day waiting period
for aliens seeking flight training for planes of 12,500 pounds or
more; Status: Dec. 19, 2001: Completed.
Deadline: Dec. 19, 2001; Provisions[A]: Establish qualifications for
federal screeners; Status: Completed.
Provisions[A]: Jan. 18, 2002: Report to the Congress on
improving general aviation security; Status: Jan. 18, 2002:
Completed.
Deadline: Jan. 18, 2002; Provisions[A]: Screen all checked baggage in
U.S. airports using explosives detection systems, passenger-bag
matching, manual searches, canine units, or other approved means;
Status: Completed.
Provisions[A]: The Federal Aviation Administration (FAA) is
to develop guidance for air carriers to use in developing programs to
train flight and cabin crews to resist threats (within 60 days after
FAA issues the guidance, each airline is to develop a training program
and submit it to FAA; within 30 days of receiving a program, FAA is to
approve it or require revisions; within 180 days of receiving FAA's
approval, the airline is to complete the training of all flight and
cabin crews); Status: Guidance issued.
Provisions[A]: Develop a plan to train federal screeners;
Status: Completed.
Provisions[A]: Foreign and domestic carriers are to provide
electronic passenger and crew manifests to Customs for flights from
foreign countries to the United States; Status: Completed.
Provisions[A]: Feb. 17, 2002: Begin collecting the passenger
security fee; Status: Feb. 17, 2002: Completed.
Deadline: Feb. 17, 2002; Provisions[A]: The Under Secretary is to
assume civil aviation security functions from FAA; Status: Completed.
Provisions[A]: Implement an aviation security program for
charter carriers; Status: Completed.
Provisions[A]: Begin awarding grants for security-related
research and development; Status: Completed.
Provisions[A]: May 18, 2002: The National Institute of Justice
is to report to the Secretary on less-than-lethal weapons for flight
crew members; Status: May 18, 2002: Completed.
Deadline: May 18, 2002; Provisions[A]: Report to the Congress on the
deployment of baggage screening equipment; Status: Report submitted.
Provisions[A]: * Report to the Congress on progress in
evaluating and taking the following optional actions:; Status:
: Report submitted.
Provisions[A]: * Require 911 capability for onboard passenger
telephones; Status: * Completed.
Provisions[A]: * Establish uniform IDs for law enforcement
personnel carrying weapons on planes or in secure areas; Status:
* Ongoing.
Provisions[A]: * Establish requirements for trusted traveler
programs; Status: * Ongoing.
Provisions[A]: * Develop alternative security procedures to
avoid damage to medical products; Status: * Completed.
Provisions[A]: * Provide for the use of secure communications
technologies to inform airport security forces about passengers who are
identified on security databases; Status: * Ongoing.
Provisions[A]: * Require pilot licenses to include a
photograph and biometric identifiers; Status: * Ongoing.
Provisions[A]: * Use voice stress analysis, biometric, or
other technologies to prevent high-risk passengers from boarding;
Status: * Ongoing.
Provisions[A]: * Provide for the use of instant
communications technology between planes and ground; Status:
* Ongoing.
Deadline: Nov. 19, 2002; Provisions[A]: Deploy federal screeners,
security managers, and law enforcement officers to screen passengers
and property; Status: Completed.
Provisions[A]: Report to the Congress on screening for small
aircraft with 60 or fewer seats; Status: Report submitted.
Provisions[A]: Dec. 31, 2002: Establish pilot program to
contract with private screening companies (program to last until Nov.
19, 2004); Status: Dec. 31, 2002: Completed.
Deadline: Dec. 31, 2002; Provisions[A]: Screen all checked baggage by
explosives detection systems; Status: Ongoing.
No Deadline: Provisions[A]: Carriers are to transfer
screening property to TSA; Status: Completed.
Provisions[A]: FAA is to issue an order prohibiting access to
the flight deck, requiring strengthened cabin doors, requiring that
cabin doors remain locked, and prohibiting possession of a key for all
but the flight deck crew; Status: Completed.
Provisions[A]: Improve perimeter screening of all
individuals, goods, property, and vehicles; Status: Ongoing.
Provisions[A]: Screen all cargo on passenger flights and
cargo-only flights; Status: Ongoing.
Provisions[A]: Establish procedures for notifying FAA, state
and local law enforcement officers, and airport security of known
threats; Status: Completed.
Provisions[A]: Establish procedures for airlines to identify
passengers who pose a potential security threat; Status:
Ongoing.
Provisions[A]: FAA is to develop and implement methods for
using cabin video monitors, continuously operating transponders, and
notifying flight deck crew of a hijacking; Status: Ongoing.
Provisions[A]: Require flight training schools to conduct
security awareness programs for employees; Status:
Completed.
Provisions[A]: Work with airport operators to strengthen
access control points and consider deploying technology to improve
security access; Status: Ongoing.
Provisions[A]: Provide operational testing for screeners;
Status: Ongoing.
Provisions[A]: Assess dual-use items that seem harmless but
could be dangerous and inform screening personnel; Status:
Ongoing.
Provisions[A]: Establish a system for measuring staff
performance; Status: Ongoing.
Provisions[A]: Establish management accountability for
meeting performance goals; Status: Ongoing.
Provisions[A]: Provisions[A]: Periodically review threats to
civil aviation, including chemical and biological weapons; Status:
Status: Ongoing.
Source: TSA.
[A] Except where otherwise indicated, the Transportation Security
Administration (TSA) is responsible for implementing the provisions.
[End of section]
Appendix II: Bills Related to Aviation Security:
H.R. 2144 - Aviation Security Technical Corrections and Improvements
Act - Many of the important provisions of this bill have been
incorporated into the Conference Report version of the FAA
Reauthorization Act, H.R. 2115.
S. 1409 - Rebuild America Act of 2003 - Establishes a new grant program
in the Department of Homeland Security (DHS) for airport security
improvements, including projects to replace baggage conveyer systems
and projects to reconfigure terminal baggage areas as needed to install
explosives detection systems. The Under Secretary for Border and
Transportation Security is authorized to issue letters of intent to
airports for these types of projects. One billion dollars is authorized
for this program.
H.R. 2555 - House and Senate versions of the Department of Homeland
Security Appropriations Act for 2004:
House version - Makes fiscal year 2004 appropriations of $3.679 billion
for the Transportation Security Administration (TSA) to provide civil
aviation security services (aviation security, federal air marshals,
maritime and land security, intelligence, research and development, and
administration):
* $1.673 billion for passenger screening activities,
* $1.285 billion for baggage screening activities,
* $721 million for airport support and enforcement presence,
* $235 million for physical modifications of airports to provide for
the installation of checked baggage explosives detection systems, and:
* $100 million for the procurement of the explosives detection systems.
Continues to cap the number of screeners at 45,000 full-time equivalent
positions.
Prohibits the use of funds authorized in this act to pursue or adopt
regulations requiring airport sponsors to provide, without cost to TSA,
building construction, maintenance, utilities and expenses, or space
for services relating to aviation security (excluding space for
necessary checkpoints).
Senate Version of H.R. 2555 - Makes fiscal year 2004 appropriations of
$4.524 billion for TSA to provide civil aviation security services:
* $3.185 billion for screening activities,
* $1.339 billion for airport support and enforcement presence,
* $309 million for physical modifications of airports to provide for
the installation of checked baggage explosives detection systems, and:
* $151 million for the procurement of the explosives detection systems.
Prohibits the use of funds authorized in this act to pursue or adopt
regulations requiring airport sponsors to provide, without cost to TSA,
building construction, maintenance, utilities and expenses, or space
for services relating to aviation security (excluding space for
necessary checkpoints).
Prohibits the use of funds authorized in this act for the Computer
Assisted Passenger Prescreening System (CAPPS II) until GAO has
reported to the Committees on Appropriations that certain requirements
have been met, including (1) the existence of a system of due process
by which passengers considered to pose a threat may appeal their delay
or prohibition from boarding a flight; (2) that the underlying error
rate of databases will not produce a large number of false positives
that will result in a significant number of passengers being treated
mistakenly or security resources being diverted; (3) that TSA has
stressed-tested and demonstrated the efficacy and predictive accuracy
of all search tools in CAPPS II; and (4) that the Secretary has
established an internal oversight board to monitor the manner in which
CAPPS II is being developed and prepared.
Requires a report from the Secretary of Homeland Security on actions
taken to develop countermeasures for commercial aircraft against
shoulder-fired missile systems and vulnerability assessments of this
threat for larger airports.
H.R. 2115 - Flight 100 - Century of Aviation Reauthorization Act -
Conference Report version - Gives FAA the authority to take a
certificate action if it is notified by DHS that the holder of the
certificate presents a security threat.
Gives the Secretary of Transportation the authority to make grants to
general aviation entities (including airports, operators, and
manufacturers) to reimburse them for security costs incurred and
revenues lost because of restrictions imposed by the federal government
in response to the events of September 11. The bill authorizes $100
million for these grants.
Authorizes DHS to reimburse air carriers and airports for all security
screening activities they are still performing, such as for providing
catering services and checking documents at security checkpoints and
for providing the space and facilities used to perform screening
functions to the extent funds are available.
Requires air carriers to carry out a training program for flight and
cabin crews to prepare for possible threat conditions. TSA is required
to establish minimum standards for this training within 1 year of the
act's passage.
Requires DHS to report in 6 months on the effectiveness of aviation
security, specifically including the air marshal program; hardening of
cockpit doors; and security screening of passengers, checked baggage,
and cargo.
Establishes within DHS a grant program to airport sponsors for (1)
projects to replace baggage conveyer systems related to aviation
security; (2) projects to reconfigure terminal baggage areas as needed
to install explosives detection systems; and (3) projects to enable the
Under Secretary for Border and Transportation Security to deploy
explosives detection systems behind the ticket counter, in the baggage
sorting area, or in line with the baggage handling system. Requires
$250 million annually from the existing aviation security fee that is
paid by airline passengers to be deposited in an Aviation Security
Capital Fund and made available to finance this grant program.
Requires TSA to certify that civil liberty and privacy issues have been
addressed before implementing CAPPS II and requires GAO to assess TSA's
compliance 3 months after TSA makes the required certification.
Allows cargo pilots to carry guns under the same program for pilots of
passenger airlines. Permits an off-duty pilot to transport the gun in a
lockbox in the passenger cabin rather than in the baggage hold. Also
provides that both passenger and cargo pilots should be treated
equitably in their access to training.
Requires security audits of all foreign repair stations within 18
months after TSA issues rules governing the audits. The rules must be
issued within 240 days of enactment.
Requires background checks on aliens seeking flight training in
aircraft regardless of the size of the aircraft. For all training on
small aircraft, includes a notification requirement but no waiting
period. For training on larger aircraft, adopts an expedited procedure
if the applicant already has training, a license, or a background
check, and adopts a 30-day waiting period for first-time training on
large aircraft. Makes TSA responsible for the background check.
Requires TSA to issue an interim final rule in 60 days to implement
this section. This section takes effect when that rule becomes
effective.
S.236 - Background Checks for Foreign Flight School Applicants - Amends
federal aviation law to require a background check of alien flight
school applicants without regard to the maximum certificated weight of
the aircraft for which they seek training. (Currently, a background
check is required for flight crews operating aircraft with a maximum
certificated takeoff weight of 12,500 pounds or more.):
S. 165 - Air Cargo Security Act - House companion bill (H.R. 1103) -
Amends federal aviation law to require the screening of cargo that is
to be transported in passenger aircraft operated by domestic and
foreign air carriers in interstate air transportation. Directs TSA to
develop a strategic plan to carry out such screening. Requires the
establishment of systems that (1) provide for the regular inspection of
shipping facilities for cargo shipments; (2) provide an industrywide
pilot program database of known shippers of cargo; (3) train persons
that handle air cargo to ensure that such cargo is properly handled and
safeguarded from security breaches; and (4) require air carriers
operating all-cargo aircraft to have an approved plan for the security
of their air operations area, the cargo placed aboard the aircraft, and
persons having access to their aircraft on the ground or in flight.
H.R. 1366 - Aviation Industry Stabilization Act - Requires the Under
Secretary for Border and Transportation Security, after all cockpit
doors are strengthened, to consider and report to the Congress on
whether it is necessary to require federal air marshals to be seated in
the first class cabin of an aircraft with strengthened cockpit doors.
Requires the Under Secretary to (1) undertake action necessary to
improve the screening of mail so that it can be carried on passenger
flights and (2) reimburse air carriers for certain screening and
related activities, as well as the cost of fortifying cockpit doors,
and for any financial losses attributed to the loss of air traffic
resulting from the use of force against Iraq in calendar year 2003.
Establishes an air cargo security working group composed of various
groups to develop recommendations on the enhancement of the current
known shipper program.
H. R. 115 - Aviation Biometric Badge Act - Amends federal aviation law
to direct TSA to require by regulation that each security screener (or
employee who has unescorted access, or may permit other individuals to
have unescorted access, to an aircraft or a secured area of the
airport) be issued a biometric security badge that identifies a person
by fingerprint or retinal recognition.
H. R. 1049 - Arming Cargo Pilots Against Terrorism Act - Senate
companion bill (S. 516) - Expresses the sense of Congress that a flight
deck crew member of a cargo aircraft should be armed with a firearm to
defend such aircraft against attacks by terrorists that could use the
aircraft as a weapon of mass destruction or for other terrorist
purposes. Amends federal transportation law to authorize the training
and arming of flight deck crew members (pilots) of all-cargo air
transportation flights to prevent acts of criminal violence or air
piracy.
H.R. 765 - (No title) - Legislation to arm cargo pilots - Amends
federal aviation law to allow cargo pilots (not just air passenger
pilots) to participate in the federal flight deck officer program.
H.R. 580 - Commercial Airline Missile Defense Act - Senate companion
bill - S. 311 - Directs the Secretary of Transportation to issue
regulations that require all turbojet aircraft of air carriers to be
equipped with a missile defense system. Requires the Secretary to
purchase such defense systems and make them available to all air
carriers. Sets forth certain interim security measures to be taken
before the deployment of such defense systems.
[End of section]
Appendix III: Key Practices and Implementation Steps for Mergers and
Organizational Transformations:
Table 3:
Practice: Ensure top leadership drives the transformation;
Implementation step:
* Define and articulate a succinct and compelling reason for
change;
* Balance continued delivery of services with merger and
transformation activities.
Practice: Establish a coherent mission and integrated strategic goals
to guide the transformation;
Implementation step:
* Adopt leading practices for results-oriented strategic planning and
reporting.
Practice: Focus on a key set of principles and priorities at the
outset of the transformation;
Implementation step:
* Embed core values in every aspect of the organization to reinforce
the new culture.
Practice: Set implementation goals and a time line to build momentum
and show progress from day one;
Implementation step:
* Make public implementation goals and a time line;
* Seek and monitor employee attitudes and take appropriate follow-up
actions;
* dentify cultural features of merging organizations to increase
understanding of former work environments;
* Attract and retain key talent;
* Establish an organizationwide knowledge and skills inventory to
exchange knowledge among merging organizations.
Practice: Dedicate an implementation team to manage the transformation
process;
Implementation step:
* Establish networks to support the implementation team;
* Select high-performing team members.
Practice: Use the performance management system to define
responsibility and ensure accountability for change;
Implementation step:
* Adopt leading practices to implement effective performance
management systems with adequate safeguards.
Practice: Establish a communication strategy to create shared
expectations and report related progress;
Implementation step:
* Communicate early and often to build trust;
* Ensure consistency of message;
* Encourage two-way communication;
* Provide information to meet specific needs of employees.
Practice: Involve employees to obtain their ideas and gain their
ownership for the transformation;
Implementation step:
* Use employee teams;
* Involve employees in planning and sharing performance information;
* Incorporate employee feedback into new policies and procedures;
* Delegate authority to appropriate organizational levels.
Practice: Build a world-class organization;
Implementation step:
* Adopt leading practices to build a world-class organization.
Source: GAO.
[End of table]
[End of section]
Appendix IV: GAO Active Engagements Related to Aviation Security:
Transportation Security Research and Development Programs at DHS and
TSA:
Key Questions: (1) What were the strategy and organizational structure
for transportation security research and development (R&D) prior to 9/
11 and what is the current strategy and structure? (2) How do DHS and
TSA select their transportation security R&D projects and what projects
are in their portfolios? (3) What are DHS's and TSA's goals and
strategies for accelerating the development of transportation security
technologies? (4) What are the nature and scope of coordination of R&D
efforts between DHS and TSA, as well as with other public and private
sector research organizations?
Federal Air Marshal Service:
Key Questions: (1) How has the federal air marshal program evolved, in
terms of recruiting, training, retention, and operations since its
management was transferred to TSA? (2) To what extent has TSA
implemented the internal controls needed to meet the program's
operational and management control challenges? (3) To what extent has
TSA developed plans and initiatives to sustain the program and
accommodate its future growth and maturation?
TSA Baggage Screening:
Key Questions: (1) What are the status and associated costs of TSA's
efforts to acquire, install, and operate explosives detection equipment
(electronic trace detection technology and explosives detection
systems) to screen all checked baggage by December 31, 2003? (2) What
are the benefits and trade-offs--to include costs, operations, and
performance--of using alternative explosives detection technologies
currently available for baggage screening?
Reprogramming of Air Marshal Program Funds:
Key Questions: (1) Describe the internal preparation, review, and
approval process for DHS's reprogrammings and, specifically, the
process for the May 15 and July 25 reprogramming requests for the air
marshal program. (2) Determine whether an impoundment or deferral
notice should have been sent to the Congress and any other associated
legal issues. (3) Identify the implications, for both the air marshal
program and other programs, of the pending reprogramming request.
General Aviation Security:
Key Questions: (1) How have security concerns and measures changed at
general aviation airports since September 11, 2001? (2) What steps has
TSA taken to improve general aviation security?
Background Checks for Banner-Towing Aircraft:
Key Questions: (1) What are the procedures for conducting background
and security checks for pilots of small banner-towing aircraft
requesting waivers to perform stadium overflights? (2) To what extent
have these procedures been followed in conducting required background
and security checks since September 11, 2001? (3) How effective have
these procedures been in reducing risks to public safety?
TSA's Computer Assisted Passenger Prescreening System II (CAPPS II):
Key Questions: (1) How will the CAPPS II system function and what data
will be needed to make the system operationally effective? (2) What
safeguards will be put in place to protect the traveling public's
privacy? (3) What systems and measures are in place to determine
whether CAPPS II will result in improved national security? (4) What
impact will CAPPS II have on the traveling public and on the airline
industry in terms of costs, delays, risks, inconvenience, and other
factors?
TSA Passengers Screening Program:
Key Questions: (1) What efforts have been taken or planned to ensure
that passenger screeners comply with federal standards and other
criteria, including efforts to train, equip, and supervise passenger
screeners? (2) What methods does TSA use to test screeners'
performance, and what have been the results of these tests? (3) How
have the results of tests of TSA passenger screeners compared with the
results achieved by screeners before September 11, 2001, and at five
pilot program airports? (4) What actions is TSA taking to remedy
performance concerns?
TSA's Efforts to Implement Sections 106, 136, and 138 of the Aviation
and Transportation Security Act:
Key Questions: What is the status of TSA's efforts to implement (1)
section 106 of the act requiring improved airport perimeter access
security, (2) section 136 requiring the assessment and deployment of
commercially available security practices and technologies, and (3)
section 138 requiring background investigations for TSA and other
airport employees?
Assessment of the Portable Air Defense Missile Threat:
Key Questions: (1) What are the nature and extent of the threat from
man-portable air defense systems (MANPAD)? (2) How effective are U.S.
controls on the use of exported MANPADs? (3) How do multilateral
efforts attempt to stem MANPAD proliferation? (4) What types of
countermeasures are available to minimize this threat and at what cost?
Airline Assistance Determination of Whether the $5 Billion Provided by
P.L. 107-42 Was Used to Compensate the Nation's Major Air Carriers for
Their Losses Stemming from the Events of Sept. 11, 2001:
Key Questions: (1) Was the $5 billion used only to compensate major air
carriers for their uninsured losses incurred as a result of the
terrorist attacks? (2) Were carriers reimbursed, per the act, only for
increases in insurance premiums resulting from the attacks?
TSA's Use of Sole-Source Contracts:
Key Questions: (1) To what extent does TSA follow applicable
acquisition laws and policies, including those for ensuring adequate
competition? (2) How well does TSA's organizational structure
facilitate effective, efficient procurement? (3) How does TSA ensure
that its acquisition workforce is equipped to award and oversee
contracts? (4) How well do TSA's policies and processes ensure that TSA
receives the supplies and services it needs on time and at reasonable
cost?
[End of section]
Related GAO Products:
Aviation Security:
Transportation Security: Federal Action Needed to Help Address Security
Challenges. GAO-03-843. Washington, D.C.: June 30, 2003.
Transportation Security: Post-September 11th Initiatives and Long-Term
Challenges. GAO-03-616T. Washington, D.C.: April 1, 2003.
Aviation Security: Measures Needed to Improve Security of Pilot
Certification Process. GAO-03-248NI. Washington, D.C.: February 3,
2003. (NOT FOR PUBLIC DISSEMINATION):
Aviation Security: Vulnerabilities and Potential Improvements for the
Air Cargo System. GAO-03-286NI. Washington, D.C.: December 20, 2002.
(NOT FOR PUBLIC DISSEMINATION):
Aviation Security: Vulnerabilities and Potential Improvements for the
Air Cargo System. GAO-03-344. Washington, D.C.: December 20, 2002.
Aviation Security: Vulnerability of Commercial Aviation to Attacks by
Terrorists Using Dangerous Goods. GAO-03-30C. Washington, D.C.:
December 3, 2002.
Aviation Security: Registered Traveler Program Policy and
Implementation Issues. GAO-03-253. Washington, D.C.: November 22, 2002.
Aviation Security: Transportation Security Administration Faces
Immediate and Long-Term Challenges. GAO-02-971T. Washington, D.C.: July
25, 2002.
Aviation Security: Information Concerning the Arming of Commercial
Pilots. GA0-02-822R. Washington, D.C.: June 28, 2002.
Aviation Security: Deployment and Capabilities of Explosive Detection
Equipment. GAO-02-713C. Washington, D.C.: June 20, 2002. (CLASSIFIED):
Aviation Security: Information on Vulnerabilities in the Nation's Air
Transportation System. GAO-01-1164T. Washington, D.C.: September 26,
2001. (NOT FOR PUBLIC DISSEMINATION):
Aviation Security: Information on the Nation's Air Transportation
System Vulnerabilities. GAO-01-1174T. Washington, D.C.: September 26,
2001. (NOT FOR PUBLIC DISSEMINATION):
Aviation Security: Vulnerabilities in, and Alternatives for, Preboard
Screening Security Operations. GAO-01-1171T. Washington, D.C.:
September 25, 2001.
Aviation Security: Weaknesses in Airport Security and Options for
Assigning Screening Responsibilities. GAO-01-1165T. Washington, D.C.:
September 21, 2001.
Aviation Security: Terrorist Acts Demonstrate Urgent Need to Improve
Security at the Nation's Airports. GAO-01-1162T. Washington, D.C.:
September 20, 2001.
Aviation Security: Terrorist Acts Illustrate Severe Weaknesses in
Aviation Security. GAO-01-1166T. Washington, D.C.: September 20, 2001.
Responses of Federal Agencies and Airports We Surveyed about Access
Security Improvements. GAO-01-1069R. Washington, D.C.: August 31, 2001.
Responses of Federal Agencies and Airports We Surveyed about Access
Security Improvements. GAO-01-1068R. Washington, D.C.: August 31, 2001.
(RESTRICTED):
FAA Computer Security: Recommendations to Address Continuing
Weaknesses. GAO-01-171. Washington, D.C.: December 6, 2000.
Aviation Security: Additional Controls Needed to Address Weaknesses in
Carriage of Weapons Regulations. GAO/RCED-00-181. Washington, D.C.:
September 29, 2000.
FAA Computer Security: Actions Needed to Address Critical Weaknesses
That Jeopardize Aviation Operations. GAO/T-AIMD-00-330. Washington,
D.C.: September 27, 2000.
FAA Computer Security: Concerns Remain Due to Personnel and Other
Continuing Weaknesses. GAO/AIMD-00-252. Washington, D.C.: August 16,
2000.
Aviation Security: Long-Standing Problems Impair Airport Screeners'
Performance. GAO/RCED-00-75. Washington, D.C.: June 28, 2000.
Aviation Security: Screeners Continue to Have Serious Problems
Detecting Dangerous Objects. GAO/RCED-00-159. Washington, D.C.: June
22, 2000. (NOT FOR PUBLIC DISSEMINATION):
Computer Security: FAA Is Addressing Personnel Weaknesses, but Further
Action Is Required. GAO/AIMD-00-169. Washington, D.C.: May 31, 2000.
Security: Breaches at Federal Agencies and Airports. GAO-OSI-00-10.
Washington, D.C.: May 25, 2000.
Aviation Security: Screener Performance in Detecting Dangerous Objects
during FAA Testing Is Not Adequate. GAO/T-RCED-00-143. Washington,
D.C.: April 6, 2000. (NOT FOR PUBLIC DISSEMINATION):
Combating Terrorism: How Five Foreign Countries Are Organized to Combat
Terrorism. GAO/NSIAD-00-85. Washington, D.C.: April 7, 2000.
Aviation Security: Vulnerabilities Still Exist in the Aviation Security
System. GAO/T-RCED/AIMD-00-142. Washington, D.C.: April 6, 2000.
U.S. Customs Service: Better Targeting of Airline Passengers for
Personal Searches Could Produce Better Results. GAO/GGD-00-38.
Washington, D.C.: March 17, 2000.
Aviation Security: Screeners Not Adequately Detecting Threat Objects
during FAA Testing. GAO/T-RCED-00-124. Washington, D.C.: March 16,
2000. (NOT FOR PUBLIC DISSEMINATION):
Aviation Security: Slow Progress in Addressing Long-Standing Screener
Performance Problems. GAO/T-RCED-00-125. Washington, D.C.: March 16,
2000.
Computer Security: FAA Needs to Improve Controls Over Use of Foreign
Nationals to Remediate and Review Software. GAO/AIMD-00-55. Washington,
D.C.: December 23, 1999.
Aviation Security: FAA's Actions to Study Responsibilities and Funding
for Airport Security and to Certify Screening Companies. GAO/RCED-99-
53. Washington, D.C.: February 24, 1999.
Aviation Security: FAA's Deployments of Equipment to Detect Traces of
Explosives. GAO/RCED-99-32R. Washington, D.C.: November 13, 1998.
Air Traffic Control: Weak Computer Security Practices Jeopardize Flight
Safety. GAO/AIMD-98-155. Washington, D.C.: May 18, 1998.
Aviation Security: Progress Being Made, but Long-Term Attention Is
Needed. GAO/T-RCED-98-190. Washington, D.C.: May 14, 1998.
Air Traffic Control: Weak Computer Security Practices Jeopardize Flight
Safety. GAO/AIMD-98-60. Washington, D.C.: April 29, 1998. (LIMITED
OFFICIAL USE -DO NOT DISSEMINATE):
Aviation Security: Implementation of Recommendations Is Under Way, but
Completion Will Take Several Years. GAO/RCED-98-102. Washington, D.C.:
April 24, 1998.
Combating Terrorism: Observations on Crosscutting Issues. T-NSIAD-98-
164. Washington, D.C.: April 23, 1998.
Aviation Safety: Weaknesses in Inspection and Enforcement Limit FAA in
Identifying and Responding to Risks. GAO/RCED-98-6. Washington, D.C.:
February 27, 1998.
Aviation Security: FAA's Procurement of Explosives Detection Devices.
GAO/RCED-97-111R. Washington, D.C.: May 1, 1997.
Aviation Security: Commercially Available Advanced Explosives
Detection Devices. GAO/RCED-97-ll9R. Washington, D.C.: April 24, 1997.
Aviation Safety and Security: Challenges to Implementing the
Recommendations of the White House Commission on Aviation Safety and
Security. GAO/T-RCED-97-90. Washington, D.C.: March 5, 1997.
Aviation Security: Technology's Role in Addressing Vulnerabilities.
GAO/T-RCED/NSIAD-96-262. Washington, D.C.: September 19, 1996.
Aviation Security: Oversight of Initiatives Will Be Needed. C-GAO/T-
RCED/NSIAD-96-20. Washington, D.C.: September 17, 1996. (CLASSIFIED):
Aviation Security: Urgent Issues Need to Be Addressed. GAO/T-RCED/
NSIAD-96-251. Washington, D.C.: September 11, 1996.
Aviation Security: Immediate Action Needed to Improve Security. GAO/T-
RCED/NSIAD-96-237. Washington, D.C.: August 1, 1996.
Aviation Security: FAA Can Help Ensure That Airports' Access Control
Systems Are Cost Effective. GAO/RCED-95-25. Washington, D.C.: March 1,
1995.
Aviation Security: Development of New Security Technology Has Not Met
Expectations. GAO/RCED-94-142. Washington, D.C.: May 19, 1994.
Aviation Security: Additional Actions Needed to Meet Domestic and
International Challenges. GAO/RCED-94-38. Washington, D.C.: January
27, 1994.
Other:
Homeland Security: Information Sharing Responsibilities, Challenges,
and Key Management Issues. GAO-03-715T. Washington, D.C.: May 3, 2003.
Information Technology: Terrorist Watch Lists Should Be Consolidated to
Promote Better Integration and Sharing. GAO-03-322. Washington, D.C.:
April 15, 2003.
Combating Terrorism: Observations on National Strategies Related to
Terrorism. GAO-03-519T. Washington, D.C.: March 3, 2003.
Transportation Security Administration: Actions and Plans to Build a
Results-Oriented Culture. GAO-03-190. Washington, D.C.: January 17,
2003.
Major Management Challenges and Program Risks: Department of Homeland
Security. GAO-03-102. Washington, D.C.: January 1, 2003.
Major Management Challenges and Program Risks: Department of
Transportation. GAO-03-108. Washington, D.C.: January 2003.
National Preparedness: Integration of Federal, State, Local, and
Private Sector Efforts Is Critical to an Effective National Strategy
for Homeland Security. GAO-02-621T. Washington, D.C.: April 11, 2002.
Homeland Security: Progress Made, More Direction and Partnership
Sought. GAO-02-490T. Washington, D.C.: March 12, 2002.
A Model of Human Capital Management. GAO-02-373SP. Washington, D.C.:
March 2002.
A Model of Human Capital Management. GAO-02-373SP. Washington, D.C.:
March 2002.:
FOOTNOTES
[1] U.S. General Accounting Office, Aviation Security: Long-Standing
Problems Impair Airport Screeners' Performance, GAO/RCED-00-75
(Washington, D.C.: June 28, 2000) and U.S. General Accounting Office,
Aviation Security: Terrorist Acts Illustrate Severe Weaknesses in
Aviation Security, GAO-01-1166T (Washington, D.C.: Sept. 20, 2001).
[2] U.S. General Accounting Office, Security: Breaches at Federal
Agencies and Airports, GAO-OSI-0010 (Washington, D.C.: May 25, 2000).
[3] U.S. General Accounting Office, Aviation Security: Weak Computer
Security Practices Jeopardize Flight Safety, GAO/AIMD-98-155
(Washington, D.C.: May 18, 1998); Computer Security: FAA Needs to
Improve Controls over Use of Foreign Nationals to Remediate and Review
Software, GAO/AIMD-00-55 (Washington, D.C.: Dec. 23, 1999); Computer
Security: FAA Is Addressing Personnel Weaknesses, but Further Action Is
Required, GAO/AIMD-00-169 (Washington, D.C.: May 31, 2000); FAA
Computer Security: Concerns Remain Due to Personnel and Other
Continuing Weaknesses, GAO/AIMD-00-252 (Washington, D.C.: Aug. 16,
2000); and FAA Computer Security: Recommendations to Address Continuing
Weaknesses, GAO-01-171 (Washington, D.C.: Dec. 6, 2000).
[4] Explosives detection machines are used to screen baggage for
explosives and work by using CAT scan X-ray technology to take
fundamental measurements of materials in bags to recognize
characteristic signatures of threat explosives. Explosives trace
detection systems (trace detection machines) are used to screen baggage
for explosives, and work by detecting vapors and residues of
explosives.
[5] Under 49 C.F.R. sec. 1542.101, all qualified airports are required
to have a TSA-approved security program that includes procedures to
control movement within the secured area, including identification
media required under sec. 1542.201(b)(3).
[6] U.S. General Accounting Office, Aviation Security: Registered
Traveler Program Policy and Implementation Issues, GAO-03-253
(Washington, D.C.: Nov. 22, 2002).
[7] For example, on November 15, 1979, an explosive device contained in
a parcel shipped by U.S. mail exploded aboard an American Airlines
flight; on April 7, 1994, a Federal Express employee attempted to
hijack a company plane and crash it into the company's headquarters. We
reported on the security risks associated with dangerous goods in
Aviation Security: Vulnerability of Commercial Aviation to Attacks by
Terrorists Using Dangerous Goods, GAO-03-30C (Washington, D.C.: Dec. 3,
2002).
[8] Freight forwarders consolidate shipments and deliver them to air
carriers and cargo facilities of passenger and all-cargo air carriers.
[9] U.S. General Accounting Office, Aviation Security: Vulnerabilities
and Potential Improvements for the Air Cargo System, GAO-03-344
(Washington, D.C.: Dec. 20, 2002).
[10] GAO-03-344.
[11] For example, TSA issued a rule requiring that certain aircraft
operators using aircraft with a maximum takeoff weight of 12,500 pounds
or more carry out security measures, including conducting criminal
history records checks on their flight crew members and restricting
access to the flight deck. This rule went into effect in April 2003.
[12] U.S. General Accounting Office, Transportation Security: Federal
Action Needed to Help Address Security Challenges, GAO-03-843
(Washington, D.C.: June 30, 2003).
[13] The Department of Homeland Security is assessing proposals from
eight contractors for technology to protect commercial aircraft from
shoulder-fired missile attack.
[14] GAO-03-843.
[15] U.S. General Accounting Office, Homeland Security: A Risk
Management Approach Can Guide Preparedness Efforts, GAO-02-208T
(Washington, D.C.: Oct. 31, 2001); and GAO-03-344.
[16] The House agreed to $3.7 billion in funding for TSA and the Senate
approved $4.5 billion.
[17] TSA suspended the security fees from June 1 to September 30, 2003,
as mandated by the Emergency Wartime Supplemental Appropriations Act of
2003.
[18] With FAA's approval, commercial airports may charge boarding
passengers a fee of up to $4.50 per trip segment to raise funds for
airport capital development.
[19] A letter of intent represents a nonbinding commitment from an
agency to provide multiyear funding to an entity beyond the current
authorization period. Thus, that letter allows an airport to proceed
with a project without waiting for future federal funds because the
airport and investors know that allowable costs are likely to be
reimbursed.
[20] U.S. General Accounting Office, Airport Finance: Past Funding
Levels May Not Be Sufficient to Cover Airports' Planned Capital
Development, GAO-03-497T (Washington, D.C.: Feb. 25, 2003).
[21] The proposed Vision 100--Century of Aviation Reauthorization--Act,
H.R. 2115.
[22] U.S. General Accounting Office, Aviation Security: Transportation
Security Administration Faces Immediate and Long-Term Challenges,
GAO-02-971T (Washington, D.C.: July 25, 2002).
[23] Aviation Security Costs, Transportation Security Administration,
statement of the Honorable Kenneth M. Mead, Inspector General, U.S.
Department of Transportation, before the Committee on Commerce, Science
and Transportation, Subcommittee on Aviation, U.S. Senate, Feb. 5, 2003
(CC-2003-066).
[24] DOT Inspector General, CC-2003-066.
[25] Office of Inspector General, DOT, Report on Oversight of Security
Screener Contracts, TSA, FI-2003-025 (Washington, D.C.: Feb. 28, 2003).
[26] GAO-03-322.
[27] U.S. General Accounting Office, Information Technology: Terrorist
Watch Lists Should Be Consolidated to Promote Better Integration and
Sharing, GAO-03-322 (Washington, D.C.: Apr. 15, 2003).
[28] GAO-03-843.
[29] U.S. General Accounting Office, A Model of Strategic Human Capital
Management, GAO-02-373SP (Washington, D.C.: March 2002).
[30] U.S. General Accounting Office, Transportation Security
Administration: Actions and Plans to Build a Results-Oriented Culture,
GAO-03-190 (Washington, D.C.: Jan. 13, 2003).
[31] U.S. General Accounting Office, Results-Oriented Cultures:
Implementation Steps to Assist Mergers and Organizational
Transformations, GAO-03-669 (Washington, D.C.: July 2, 2003).
[32] U.S. General Accounting Office, Major Management Challenges and
Program Risks: Department of Homeland Security, GAO-03-102 (Washington,
D.C.: Jan. 1, 2003).
[33] GAO-03-190.